nixpkgs-suyu/pkgs/development/interpreters/wasm3/default.nix
2023-05-24 09:19:31 -07:00

46 lines
1.1 KiB
Nix

{ lib, stdenv, cmake, fetchFromGitHub }:
stdenv.mkDerivation rec {
pname = "wasm3";
version = "0.5.0";
src = fetchFromGitHub {
owner = "wasm3";
repo = "wasm3";
rev = "v${version}";
sha256 = "07zzmk776j8ydyxhrnnjiscbhhmz182a62r6aix6kfk5kq2cwia2";
};
nativeBuildInputs = [ cmake ];
cmakeFlags = [
"-DBUILD_WASI=simple"
];
installPhase = ''
runHook preInstall
install -Dm755 wasm3 -t $out/bin
runHook postInstall
'';
meta = with lib; {
homepage = "https://github.com/wasm3/wasm3";
description = "The fastest WebAssembly interpreter, and the most universal runtime.";
platforms = platforms.all;
maintainers = with maintainers; [ malbarbo ];
license = licenses.mit;
knownVulnerabilities = [
# wasm3 expects all wasm code to be pre-validated, any users
# should be aware that running unvalidated wasm will potentially
# lead to RCE until upstream have added a builtin validator
"CVE-2022-39974"
"CVE-2022-34529"
"CVE-2022-28990"
"CVE-2022-28966"
"CVE-2021-45947"
"CVE-2021-45946"
"CVE-2021-45929"
"CVE-2021-38592"
];
};
}